
A Practical Review on Intrusion Detection Systems by Known Data Mining Methods

Algorithms as a Basis of Modern Applied Mathematics

Part of the book series: Studies in Fuzziness and Soft Computing (STUDFUZZ, volume 404)


Abstract

Computer networks are used in many different fields, so their security must be ensured. Many methods have been proposed for intrusion detection in computer networks. Software methods have been studied more than other methods, and machine learning methods perform well. In this paper, some classification and clustering methods are reviewed. Their structure is described, how to use and tune them is explained, and their main advantages and disadvantages are studied. Finally, after the methods have been introduced, described, and critiqued, they are tested experimentally and their results are compared on the KDD Cup 99 data set.



Author information

Corresponding author

Correspondence to Marjan Kuchaki Rafsanjani.

Copyright information

© 2021 The Author(s), under exclusive license to Springer Nature Switzerland AG

About this chapter

Cite this chapter

Samareh Ghasem, M., Kuchaki Rafsanjani, M. (2021). A Practical Review on Intrusion Detection Systems by Known Data Mining Methods. In: Hošková-Mayerová, Š., Flaut, C., Maturo, F. (eds) Algorithms as a Basis of Modern Applied Mathematics. Studies in Fuzziness and Soft Computing, vol 404. Springer, Cham. https://doi.org/10.1007/978-3-030-61334-1_10
